Health care data breach at CareCloud may affect millions

CareCloud reported unauthorized access to a single electronic health record environment on March 16, 2026, and says the affected systems were restored the same day; a forensic investigation is ongoing to determine whether patient data were accessed.

CareCloud reported unauthorized access to one of its electronic health record environments on March 16, 2026. The company said the affected environment was restored the same day after more than eight hours of disruption. CareCloud has reported the threat was removed and said a forensic investigation is under way to determine whether patient information was accessed. The company also reported it is working with external cybersecurity specialists and law enforcement while the scope of the incident is reviewed. Key facts: - CareCloud reported unauthorized third-party access on March 16, 2026, to a single EHR environment within its CareCloud Health division. - The company said functionality was restored the same day after more than eight hours and that other CareCloud platforms were not impacted. - CareCloud stated it believes the threat was contained and removed, and that there is no confirmed evidence of data misuse at this time. - A forensic investigation is ongoing, law enforcement and external specialists are involved, and law firms have been reported to be investigating potential litigation; the total number of affected individuals remains under review. Summary: CareCloud supports thousands of health care providers and has said the incident affected one of its EHR environments; the company has not disclosed how many patients may be involved. CareCloud reports systems have been restored and the threat actor no longer has access, and it says there is no confirmed evidence of data misuse. External cybersecurity teams, law enforcement, and law firms are reported as involved as the investigation continues. Undetermined at this time.